أهلاوي قمر

Peace be upon you, and the mercy and blessings of God.
Guys, I have a problem that has worn me out.
Please find me a solution.
This is the problem

I hope you can find me a solution.
 

Signature: أهلاوي قمر
And peace be upon you too.


Welcome, brother.
Download this program.

Run the program ==> and click on
Do a system scan and save log
In a few moments a report will appear in Notepad ==> copy it and paste it in your next reply.
 
Signature: AbOdy
Here you go, the HijackThis report


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:24:10 م, on 09/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Media Access Startup - {25B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Media Access Startup\1.3.0.790\HPIEAddOn.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: NP Helper Class - {35B8D58C-B0CB-46b0-BA64-05B3804E4E86} - C:\Program Files\Internet Saving Optimizer\3.3.0.4160\NPIEAddOn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: System Search Dispatcher - {CDBFB47B-58A8-4111-BF95-06178DCE326D} - C:\Program Files\System Search Dispatcher\1.2.0.750\ssd.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [GEST] m–|\ü
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: &تصدير إلى Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: تحميل الكل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: تحميل بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: تحميل محتوى فيديو (إف.إل.في) بـ إنترنت داونلود مانيجر - C:\Program Files\Internet Download Manager\IEGetVL.htm
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
--
End of file - 8108 bytes
 
Signature: أهلاوي قمر
Disable your security programs,
then
download the following tool and save it to the desktop.

When you run it, a message will appear; click >> Yes
After that a second message will appear; click >> Yes
The computer may restart during the scan.
After the restart, the tool will start scanning again.
Do not run any program, and however long the scan takes, wait until it finishes.
Wait until a report appears, then copy it and paste it in your next post.
 
Signature: AbOdy
ComboFix 09-07-09.08 - مستخدم جديد 07/10/2009 17:29.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.966.1025.18.2037.1552 [GMT 3:00]
Running from: c:\documents and settings\مستخدم جديد\سطح المكتب\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.3.0.4160\adwpx.exe
c:\program files\Internet Saving Optimizer\3.3.0.4160\Data\config.md
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFAddOn.dll
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.3.0.4160\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.3.0.4160\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.3.0.4160\NPIEAddOn.dll
c:\program files\Internet Saving Optimizer\3.3.0.4160\unins000.dat
c:\program files\Internet Saving Optimizer\3.3.0.4160\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.3.0.790\Data\config.md
c:\program files\Media Access Startup\1.3.0.790\FF\chrome.manifest
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.3.0.790\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFAddOn.dll
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.3.0.790\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.3.0.790\FF\install.rdf
c:\program files\Media Access Startup\1.3.0.790\HPCommon.dll
c:\program files\Media Access Startup\1.3.0.790\HPIEAddOn.dll
c:\program files\Media Access Startup\1.3.0.790\hppx.exe
c:\program files\Media Access Startup\1.3.0.790\MAHelper.exe
c:\program files\Media Access Startup\1.3.0.790\unins000.dat
c:\program files\Media Access Startup\1.3.0.790\unins000.exe
c:\program files\System Search Dispatcher\1.2.0.750\ssd.dll
C:\temp.temp
.
((((((((((((((((((((((((( Files Created from 2009-06-10 to 2009-07-10 )))))))))))))))))))))))))))))))
.
2009-07-10 14:20 . 2009-07-10 14:20 -------- d-----w- c:\documents and settings\All Users\Application Data\CrystalIdea Software
2009-07-09 10:24 . 2009-07-09 10:24 -------- d-----w- c:\program files\Trend Micro
2009-07-09 09:17 . 2009-07-10 14:14 -------- d-----w- c:\documents and settings\مستخدم جديد\Application Data\IDM
2009-07-09 09:17 . 2009-07-10 14:14 -------- d-----w- c:\documents and settings\مستخدم جديد\Application Data\DMCache
2009-07-09 09:17 . 2009-07-10 14:15 -------- d-----w- c:\program files\Internet Download Manager
2009-07-09 09:10 . 2009-07-09 09:10 -------- d-----w- c:\program files\FormatFactory
2009-07-07 16:44 . 2009-07-07 16:44 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-07-07 15:05 . 2009-07-07 15:05 -------- d-sh--w- c:\documents and settings\مستخدم جديد\PrivacIE
2009-07-07 15:03 . 2009-07-07 15:03 -------- d-sh--w- c:\documents and settings\مستخدم جديد\IETldCache
2009-07-07 14:56 . 2009-06-02 10:12 102912 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-07-07 14:56 . 2009-07-07 14:56 -------- d-----w- c:\windows\ie8updates
2009-07-07 14:56 . 2009-04-30 21:13 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-07-07 14:56 . 2009-04-30 21:13 1985024 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-07-07 14:56 . 2009-04-30 21:13 11064832 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-07-07 14:56 . 2009-04-30 21:13 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-07-07 14:55 . 2009-07-07 14:56 -------- d-----w- c:\windows\system32\ar-SA
2009-07-07 14:55 . 2009-07-07 14:55 -------- dc-h--w- c:\windows\ie8
2009-07-06 19:38 . 2009-07-06 19:38 -------- d-----w- c:\documents and settings\مستخدم جديد\Application Data\TeamViewer
2009-07-06 19:38 . 2009-07-06 19:38 -------- d-----w- c:\documents and settings\مستخدم جديد\temp
2009-07-06 19:11 . 2009-07-06 19:11 -------- d-----w- c:\program files\Windows Live Safety Center
2009-07-06 18:53 . 2009-07-06 18:53 -------- d-----w- c:\documents and settings\مستخدم جديد\Local Settings\Application Data\ESET
2009-07-06 07:29 . 2009-07-06 07:29 -------- d-----w- c:\documents and settings\مستخدم جديد\Local Settings\Application Data\Internet Saving Optimizer
2009-07-06 07:29 . 2009-07-06 07:29 -------- d-----w- c:\documents and settings\مستخدم جديد\Local Settings\Application Data\_
2009-07-06 07:28 . 2009-07-06 07:28 -------- d-----w- c:\documents and settings\مستخدم جديد\Local Settings\Application Data\Media Access Startup
2009-07-06 07:28 . 2009-07-06 07:28 -------- d-----w- c:\program files\System Search Dispatcher
2009-07-06 07:28 . 2009-07-06 07:28 -------- d-----w- c:\documents and settings\مستخدم جديد\Local Settings\Application Data\DoubleD
2009-06-29 07:16 . 2004-08-03 21:55 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-06-29 07:16 . 2004-08-03 21:55 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-06-29 07:00 . 2009-06-29 07:00 -------- d-----w- c:\program files\MSXML 4.0
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-10 14:25 . 2001-09-19 08:00 40118 ----a-w- c:\windows\system32\perfc001.dat
2009-07-10 14:25 . 2001-09-19 08:00 251674 ----a-w- c:\windows\system32\perfh001.dat
2009-07-10 14:21 . 2009-06-29 04:18 16608 ----a-w- c:\windows\gdrv.sys
2009-07-09 08:51 . 2009-06-29 05:27 -------- d-----w- c:\program files\MSN Messenger
2009-07-06 18:53 . 2009-06-29 05:27 -------- d-----w- c:\program files\Circle Developement
2009-07-02 23:49 . 2009-06-29 05:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-06-30 07:40 . 2009-06-29 04:01 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-06-29 06:50 . 2009-06-29 06:50 2678 ----a-w- c:\windows\java\Packages\Data\FHBJ3JHN.DAT
2009-06-29 06:50 . 2009-06-29 06:50 2678 ----a-w- c:\windows\java\Packages\Data\YSXB9BBF.DAT
2009-06-29 06:50 . 2009-06-29 06:50 2678 ----a-w- c:\windows\java\Packages\Data\MIYO977R.DAT
2009-06-29 06:50 . 2009-06-29 06:50 2678 ----a-w- c:\windows\java\Packages\Data\LJ77RFDF.DAT
2009-06-29 06:50 . 2009-06-29 06:50 2678 ----a-w- c:\windows\java\Packages\Data\GHF57DZB.DAT
2009-06-29 06:04 . 2009-06-29 05:30 -------- d-----w- c:\documents and settings\مستخدم جديد\Application Data\Apple Computer
2009-06-29 05:51 . 2009-06-29 05:51 -------- d-----w- c:\documents and settings\مستخدم جديد\Application Data\ESET
2009-06-29 05:50 . 2009-06-29 05:50 -------- d-----w- c:\program files\ESET
2009-06-29 05:50 . 2009-06-29 05:50 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-06-29 05:39 . 2009-06-29 05:39 -------- d-----w- c:\documents and settings\مستخدم جديد\Application Data\Ahead
2009-06-29 05:39 . 2009-06-29 05:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2009-06-29 05:38 . 2009-06-29 05:38 -------- d-----w- c:\program files\Common Files\Ahead
2009-06-29 05:38 . 2009-06-29 05:38 -------- d-----w- c:\program files\Nero
2009-06-29 05:38 . 2009-06-29 05:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-06-29 05:34 . 2009-06-29 05:33 -------- d-----w- c:\documents and settings\مستخدم جديد\Application Data\Nokia
2009-06-29 05:33 . 2009-06-29 05:33 -------- d-----w- c:\documents and settings\مستخدم جديد\Application Data\PC Suite
2009-06-29 05:33 . 2009-06-29 05:33 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-06-29 05:33 . 2009-06-29 05:33 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-29 05:33 . 2009-06-29 05:33 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-29 05:33 . 2009-06-29 05:33 -------- d-----w- c:\program files\Nokia
2009-06-29 05:33 . 2009-06-29 05:33 -------- d-----w- c:\program files\DIFX
2009-06-29 05:33 . 2009-06-29 05:33 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-29 05:33 . 2009-06-29 05:33 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{2B8BEBBF-73A0-497D-9900-8474D022AB3F}\Installer\CommonCustomActions\UninstCCD.exe
2009-06-29 05:33 . 2009-06-29 05:33 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{2B8BEBBF-73A0-497D-9900-8474D022AB3F}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-06-29 05:33 . 2009-06-29 05:33 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{2B8BEBBF-73A0-497D-9900-8474D022AB3F}\Installer\CommonCustomActions\UninstPCS.exe
2009-06-29 05:32 . 2009-06-29 05:32 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-06-29 05:32 . 2009-06-29 05:32 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-29 05:32 . 2009-06-29 05:32 -------- d-----w- c:\program files\Windows Media Connect 2
2009-06-29 05:32 . 2009-06-29 05:31 -------- d-----w- c:\program files\Common Files\COWON
2009-06-29 05:32 . 2009-06-29 05:31 -------- d-----w- c:\program files\JetAudio
2009-06-29 05:31 . 2009-06-29 04:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-29 05:31 . 2009-06-29 05:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-06-29 05:30 . 2009-06-29 05:30 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-29 05:30 . 2009-06-29 05:30 -------- d-----w- c:\program files\Real
2009-06-29 05:30 . 2009-06-29 05:30 -------- d-----w- c:\program files\Common Files\Real
2009-06-29 05:30 . 2009-06-29 05:30 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-06-29 05:30 . 2009-06-29 05:30 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-06-29 05:29 . 2009-06-29 05:29 -------- d-----w- c:\program files\QuickTime
2009-06-29 05:29 . 2009-06-29 05:29 -------- d-----w- c:\program files\iPod
2009-06-29 05:29 . 2009-06-29 05:29 -------- d-----w- c:\program files\iTunes
2009-06-29 05:29 . 2009-06-29 05:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-06-29 05:29 . 2009-06-29 04:21 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-29 05:28 . 2009-06-29 05:28 2232 ----a-w- c:\windows\java\Packages\Data\Z9ZT3NDN.DAT
2009-06-29 05:28 . 2009-06-29 05:28 155995 ----a-w- c:\windows\java\Packages\N133PB5V.ZIP
2009-06-29 05:27 . 2009-06-29 05:27 -------- d-----w- c:\program files\Windows Live
2009-06-29 05:27 . 2009-06-29 05:27 -------- d-----w- c:\program files\Messenger Plus! Live
2009-06-29 05:27 . 2009-06-29 04:12 94632 ----a-w- c:\documents and settings\مستخدم جديد\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-29 05:27 . 2009-06-29 05:22 -------- d-----w- c:\program files\برنامج مجلة الدعوة الألكتونية
2009-06-29 05:22 . 2009-06-29 05:27 720896 ----a-w- c:\windows\iun6002.exe
2009-06-29 05:21 . 2009-06-29 05:21 -------- d-----w- c:\program files\Microsoft.NET
2009-06-29 05:21 . 2009-06-29 05:21 -------- d-----w- c:\program files\Golden Al-Wafi Translator
2009-06-29 05:21 . 2009-06-29 05:21 -------- d-----w- c:\program files\Microsoft Works
2009-06-29 05:21 . 2009-06-29 05:21 172032 ------w- c:\windows\Setup1.exe
2009-06-29 05:20 . 2009-06-29 05:20 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-06-29 04:27 . 2009-06-29 04:25 -------- d-----w- c:\program files\Realtek
2009-06-29 04:27 . 2009-06-29 04:27 -------- d-----w- c:\documents and settings\مستخدم جديد\Application Data\InstallShield
2009-06-29 04:25 . 2009-06-29 04:25 315392 ----a-w- c:\windows\HideWin.exe
2009-06-29 04:22 . 2009-06-29 04:22 -------- d-----w- c:\program files\Intel
2009-06-29 04:21 . 2009-06-29 04:21 -------- d-----w- c:\program files\Browser Configuration Utility
2009-06-29 04:21 . 2009-06-29 04:21 -------- d-----w- c:\program files\Gigabyte
2009-06-29 04:02 . 2009-06-29 04:02 -------- d-----w- c:\program files\microsoft frontpage
2009-06-29 03:59 . 2009-06-29 03:59 22144 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-24 20:20 . 2009-06-24 20:20 1547776 ----a-w- c:\windows\system32\sfcfiles.dll
2009-05-13 05:02 . 2004-08-03 18:55 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-07 15:42 . 2004-08-03 18:55 344064 ----a-w- c:\windows\system32\localspl.dll
2009-04-19 20:08 . 2004-08-03 18:46 1846528 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 15:12 . 2004-08-03 18:55 584192 ----a-w- c:\windows\system32\rpcrt4.dll
.
------- Sigcheck -------
[-] 2008-04-14 15:59 1571328 6B8B7B206FA0C50B4CF99EEE2AC14BC7 c:\windows\SoftwareDistribution\Download\7ddc38335814ac754f158e6c7fa2b6cb\sfcfiles.dll
[-] 2009-06-24 20:20 1547776 6E932D21E116B51ED9D5157E31C48E33 c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe" [2008-06-17 1249280]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-06-18 1122816]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GEST"="m–|\ü" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-05 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-05 137752]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2005-10-06 278528]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-06-29 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-06-29 185896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-02-13 16857600]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2009-03-08 128512]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
R0 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [07/04/2009 02:42 م 124928]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [06/02/2009 02:23 م 106208]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [06/02/2009 02:23 م 727720]
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [29/06/2009 07:21 ص 80392]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.sa/
uInternet Connection Wizard,ShellNext = hxxp://www.eset.com/
IE: &تصدير إلى Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-07-10 17:32
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-07-10 17:33
ComboFix-quarantined-files.txt 2009-07-10 14:33
Pre-Run: 111,811,039,232 bytes free
Post-Run: 113,926,168,576 bytes free
223 --- E O F --- 2009-07-07 14:57
 
Signature: أهلاوي قمر
Hello, and sorry for the delay.

Upload a new HijackThis report.
 
Signature: AbOdy